Heather Green at Business Week has a nice new piece, “Commentary: Are the Copyright Wars Chilling Innovation?” Despite the question mark in the title, it’s clear from the piece that innovation is being chilled, especially in the research community.
The piece starts out by retelling the story of the legal smackdown threatened against my colleagues and me over a paper on digital watermarking technology. It goes on to discuss the chilling effect of copyright-related overregulation on others:
Intimidation isn’t hard to spot in academia. Aviel Rubin, a Johns Hopkins University professor who last year uncovered flaws in electronic-voting software developed by Diebold Inc. (DBD ), says he spends precious time plotting legal strategies before publishing research connected in any way to copyrights. Matthew Blaze, a computer scientist at the University of Pennsylvania, avoids certain types of computer security-related research because the techniques are also used in copy protection.
The pall has spread over classrooms as well. Eugene H. Spafford, a professor and digital-security expert at Purdue University, and David Wagner, an associate professor of computer science at the University of California at Berkeley, are refusing to take on teaching assignments in certain areas relating to computer security. “The problem isn’t that we’re worried about prosecution from the government. The problem is the civil lawsuits from the movie and music industries,” Spafford says. “I don’t have the resources to deal with that.”
Rubin, Blaze, Spafford, and Wagner are all leaders in the field, and all are avoiding legitimate and useful research and/or teaching because of the DMCA and laws like it.
The movie industry, as usual, offers nothing but the suspension of disbelief. Fritz Attaway: “It’s easy to assert you feel chilled, but I don’t see any evidence to support that”. This from an industry with a long record of suing technical innovators.
[link via SNTReport.com]
If he needs evidence, he’s welcome to my DMCA testimony.
See also the court case about research regarding the censorware company
N2H2.
This aspect of the DMCA is actually counter-productive for the content industry. The kind of research which is chilled is that which challenges and looks for weaknesses in protection schemes. If the top names in the field are avoiding investigation of these areas, a flawed protection system may go through the testing and evaluation phase without finding some fundamental weakness. Then, when it is widely deployed, chances are the problem will come out.
Something like this happened with DeCSS, the technology that protects DVDs. In that case it was not the DMCA, but rather the industry tried to keep the protection algorithm secret so that it was not exposed to vigorous public review. Then, by the time it was broken, it was too late to change. People today can freely rip DVDs today even though that was specifically designed to be impossible.
A more recent DMCA case was that of Niels Ferguson, who avoided publication of some flaws he found in the HDCP standard which is supposed to protect hi-def video as it travels between video components. He describes his situation at http://www.macfergus.com/niels/dmca/. So what’s going to happen with HDCP? They’re still going forward with fielding it. What if it comes out a few years from now that it’s totally breakable, and anyone can tap into their video cables and extract perfect digital content from the encrypted stream?
I would think that the content industry would rather find out now if the billions of dollars they will be spending implementing HDCP is going to be wasted. It’s true that not all cryptographers are avoiding these areas, and some have published some concerns with HDCP, which haven’t been serious enough to abort the project. But what if Niels’ attack turns out to be different than others that are known, and more dangerous? Or what about other cryptographers who also may be avoiding study of the standard?
Content companies are actually harming themselves by supporting the DMCA when it is demonstrably exerting a chilling effect on research which they depend on for their livelihood. Of course the DMCA does have carve-outs to try to protect so-called legitimate encryption research, but if the people in the trenches find these protections inadequate, it is in the content industry’s own interest to join with these researchers and work to improve the DMCA in this regard.